|
198321
|
7.8 |
HIGH
Local
|
myscada
|
mypro
|
An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2017-12730
|
2024-11-21 12:10 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198322
|
6.8 |
MEDIUM
Adjacent
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity
|
A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allow…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12732
|
2024-11-21 12:10 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198323
|
7.8 |
HIGH
Local
|
spidercontrol
|
scada_webserver
|
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executable…
|
CWE-269
Improper Privilege Management
|
CVE-2017-12728
|
2024-11-21 12:10 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198324
|
9.9 |
CRITICAL
Network
|
sentinel
|
sentinel_ldk_rte_firmware
|
Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2017-12822
|
2024-11-21 12:10 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198325
|
9.8 |
CRITICAL
Network
|
sentinel
|
sentinel_ldk_rte_firmware
|
Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12821
|
2024-11-21 12:10 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198326
|
7.5 |
HIGH
Network
|
sentinel
|
sentinel_ldk_rte_firmware
|
Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12820
|
2024-11-21 12:10 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198327
|
9.8 |
CRITICAL
Network
|
sentinel
|
sentinel_ldk_rte_firmware
|
Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55.
|
CWE-287
Improper Authentication
|
CVE-2017-12819
|
2024-11-21 12:10 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198328
|
7.5 |
HIGH
Network
|
sentinel
|
sentinel_ldk_rte_firmware
|
Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12818
|
2024-11-21 12:10 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198329
|
6.1 |
MEDIUM
Network
|
nexusphp_project
|
nexusphp
|
Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) a…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12792
|
2024-11-21 12:10 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198330
|
9.8 |
CRITICAL
Network
|
perl
|
perl
|
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long en…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12814
|
2024-11-21 12:10 |
2017-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
